f417d109e5790aed75ba9809a45b0260570c1a33f7a84ff656739a369bd56975

Sharing

Copy URL Twitter E-mail

General

Target

f417d109e5790aed75ba9809a45b0260570c1a33f7a84ff656739a369bd56975
Size

176KB
MD5

3e0222774ddfb84e498a97c8571a5c3b
SHA1

c0d9d6f737131e3d0c42097ee0953ab07257dd1c
SHA256

f417d109e5790aed75ba9809a45b0260570c1a33f7a84ff656739a369bd56975
SHA512

4e50cba622f3a9eb43207d800b9bb44d3b3b5de7b9dbaf200b8504973e5ac42d00e6648ec1b4f207b8e67b05206272db6f4051ff8d89e072f2732552a84e0bab
SSDEEP

3072:kUhp0BVW5B4kxbGaSUrtL2pmQmWCCWaAsipufZe6VCB9pM:kUh+O5Omqavrw/lCcApUReA

Score

N/A

Malware Config

Signatures

Files

f417d109e5790aed75ba9809a45b0260570c1a33f7a84ff656739a369bd56975
.exe windows x86

f33b004faf4b19db58282e1bfd0f3136

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsContentTypeW
StrStrA
StrChrA
wvnsprintfW
wvnsprintfA

kernel32

lstrlenW
GetProcAddress
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrcmpiA
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleFileNameA
LoadLibraryA
GetCurrentProcessId
lstrcmpA
LockResource
SetLastError
LCMapStringW
LoadLibraryW
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
TlsFree
MultiByteToWideChar
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
HeapReAlloc
HeapCreate
GetModuleFileNameW
GetStdHandle
WriteFile
RtlUnwind
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
GetCommandLineA
VirtualQuery
GetModuleHandleW
VirtualProtect
EncodePointer
DecodePointer
InterlockedPopEntrySList
VirtualFree
IsProcessorFeaturePresent
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
ExitProcess
Sleep
CreateFileW
DeviceIoControl
CloseHandle
GetSystemInfo
GetSystemTime
SystemTimeToFileTime
GetCurrentThreadId
WideCharToMultiByte
GetVolumeInformationA
VirtualAlloc
UnhandledExceptionFilter
GetCurrentProcess
FlushInstructionCache
GetVersionExA
GetModuleHandleA
SetStdHandle
WriteConsoleW
VirtualFreeEx
FlushFileBuffers
SetComputerNameA
FileTimeToDosDateTime
lstrcmpiW
lstrcpynA
lstrcpyA
lstrcatA
GetProcessHeap
HeapAlloc
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
LeaveCriticalSection
EnterCriticalSection
RaiseException
TlsSetValue
GetStringTypeW

user32

DialogBoxParamA
EndDialog
GetWindow
MonitorFromWindow
GetDC
CheckMenuRadioItem
SetWindowPos
SetMenuDefaultItem
RemoveMenu
AppendMenuA
CreatePopupMenu
LoadBitmapA
LoadStringW
PostQuitMessage
GetWindowRect
TranslateAcceleratorA
SetMenu
GetMenu
GetSubMenu
PtInRect
IsMenu
GetClassNameA
OffsetRect
CallNextHookEx
GetKeyState
CharLowerA
UnhookWindowsHookEx
InflateRect
SystemParametersInfoA
SetRectEmpty
GetSystemMetrics
RegisterWindowMessageA
GetSysColorBrush
GetSysColor
ReleaseDC
GetWindowDC
TrackPopupMenuEx
GetMessagePos
WindowFromPoint
MessageBeep
DrawEdge
FrameRect
ModifyMenuA
MonitorFromPoint
GetMonitorInfoA
DrawFrameControl
DrawTextA
GetFocus
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
FillRect
GetActiveWindow
GetWindowThreadProcessId
GetParent
SetFocus
IsWindowEnabled
IsWindowVisible
InvalidateRect
UpdateWindow
MapWindowPoints
ScreenToClient
GetClientRect
PostMessageA
SendMessageA
LoadStringA
LoadMenuA
LoadAcceleratorsA
DestroyMenu
EndPaint
BeginPaint
CallWindowProcA
CreateWindowExA
DestroyWindow
GetClassInfoExA
LoadCursorA
LoadImageA
RegisterClassExA
CharNextA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
IsWindow
ShowWindow
GetWindowLongA
SetWindowLongA
SetWindowRgn
SetWindowsHookExA
UnregisterClassA

gdi32

DeleteObject
DeleteDC
SelectObject
CreateFontIndirectA
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
CreateBitmap
GetStockObject
GetCurrentObject
GetObjectA
SetBkMode
SetTextColor
SetBrushOrgEx
SetBkColor
CreatePatternBrush
PatBlt
CreateDIBSection

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyW
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoSetProxyBlanket

oleaut32

VarUI4FromStr
SysFreeString
VariantClear
VariantInit
SysAllocString

comctl32

ImageList_Destroy
ImageList_GetImageCount
ImageList_Draw
ImageList_DrawIndirect
ord6
ord8
ImageList_Create
ImageList_LoadImageA
ImageList_AddMasked
InitCommonControlsEx

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f33b004faf4b19db58282e1bfd0f3136

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 118KB - Virtual size: 117KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 118KB - Virtual size: 117KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 10KB - Virtual size: 9KB